Forum Discussion
Solved
Authenticating with an access token Connect-MicrosoftTeams
Has anyone tried authenticating with an access token (using -AadAccessToken or -MsAccessToken)? The old version of New-CsOnlineSession had an -OAuthAccessToken param, which accepted a jwt with the PS ...
- FYI - I raised a ticket, and it should be fixed by mid november.
Issue description:
Cannot properly run Connect-MicrosoftTeams -AccessTokens
Resolution Steps:
Escalated case with our engineering Team
Issue is known bug and currently being fixed
Expecting a fix to go out by NOV mid
Any Updates on this Topic?
https://docs.microsoft.com/en-us/powershell/module/teams/connect-microsoftteams?view=teams-ps
$graphtoken = #Get MSGraph Token for following for resource "https://graph.microsoft.com" and scopes "AppCatalog.ReadWrite.All", "Group.ReadWrite.All", "User.Read.All";
$teamstoken = #Get Teams resource token for resource id "48ac35b8-9aa8-4d74-927d-1f4a14a0b239" and scope "user_impersonation";
Connect-MicrosoftTeams -AccessTokens @($graphtoken, $teamstoken) -AccountId $adminaccount
Account Environment Tenant TenantId
------- ----------- ------------------------------------ ------------------------------------
user@contoso.com AzureCloud xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Specifies a access tokens for "MSGraph" and "Skype and Teams Tenant Admin API" resources. This new parameter is added in version 2.3.2-preview.
Following steps must be performed by Tenant Admin in the Azure portal when using your own application.
Steps to configure the AAD application.
Go to Azure portal and go to App Registrations.
Create or select the existing application.
Add the following permission to this Application.
Click API permissions.
Click Add a permission.
Click on the Microsoft MS Graph, and then select Delegated Permission.
Add the following permissions: "AppCatalog.ReadWrite.All", "Group.ReadWrite.All", "User.Read.All";
Next, we need to add "Skype and Teams Tenant Admin API" resource permission. Click Add a permission.
Navigate to "APIs my organization uses"
Search for "Skype and Teams Tenant Admin API".
Add all the listed permissions.
Grant admin consent to both MS Graph and "Skype and Teams Tenant Admin API" name.
https://docs.microsoft.com/en-us/powershell/module/teams/connect-microsoftteams?view=teams-ps
$graphtoken = #Get MSGraph Token for following for resource "https://graph.microsoft.com" and scopes "AppCatalog.ReadWrite.All", "Group.ReadWrite.All", "User.Read.All";
$teamstoken = #Get Teams resource token for resource id "48ac35b8-9aa8-4d74-927d-1f4a14a0b239" and scope "user_impersonation";
Connect-MicrosoftTeams -AccessTokens @($graphtoken, $teamstoken) -AccountId $adminaccount
Account Environment Tenant TenantId
------- ----------- ------------------------------------ ------------------------------------
user@contoso.com AzureCloud xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Specifies a access tokens for "MSGraph" and "Skype and Teams Tenant Admin API" resources. This new parameter is added in version 2.3.2-preview.
Following steps must be performed by Tenant Admin in the Azure portal when using your own application.
Steps to configure the AAD application.
Go to Azure portal and go to App Registrations.
Create or select the existing application.
Add the following permission to this Application.
Click API permissions.
Click Add a permission.
Click on the Microsoft MS Graph, and then select Delegated Permission.
Add the following permissions: "AppCatalog.ReadWrite.All", "Group.ReadWrite.All", "User.Read.All";
Next, we need to add "Skype and Teams Tenant Admin API" resource permission. Click Add a permission.
Navigate to "APIs my organization uses"
Search for "Skype and Teams Tenant Admin API".
Add all the listed permissions.
Grant admin consent to both MS Graph and "Skype and Teams Tenant Admin API" name.
They seems to have gone backwards with release 2.5.0. I used to be able to use
Connect-MicrosoftTeams -AccessTokens @($graphtoken, $teamstoken) -Verbose -AccountId "user@domain.com"
to at least access the new cmdlets, but now I get
Parameter set cannot be resolved using the specified named parameters. One or more parameters issued cannot be used together or an insufficient number of parameters were provided.
Connect-MicrosoftTeams -AccessTokens @($graphtoken, $teamstoken) -Verbose -AccountId "user@domain.com"
to at least access the new cmdlets, but now I get
Parameter set cannot be resolved using the specified named parameters. One or more parameters issued cannot be used together or an insufficient number of parameters were provided.
- Removing the -AccountId "user@domain.com" parameter should allow you to login. Seems this detail is derived via the tokens now in 2.5.0
MattLadewigWhen I do this I now get "Object reference not set to an instance of an object." on the Connect-MicrosoftTeams line.
Using Teams 2.5.0
Does not work here. I've created a GitHub Issue to clarify the Permissions needed https://github.com/MicrosoftDocs/office-docs-powershell/issues/8194
Regards
Andres
I am Using Teams PowerShell Module 2.6.1
But i am Still not able to Connect with the Access Tokens.
Any Updates?
